REMARKS

I. Introduction

In response to the Office Action dated October 9, 2003, claims 3 S 6, and 18 have 
been amended. Claims 1-23 remain in the application. Re-examination and re-consideration 
of the application, as amended, is requested. 

II. Claim Amendments

Applicants' attorney has made amendments to the claims as indicated above. These
amendments were made solely for the purpose of clarifying the language of the claims, and
were not required for purposes of patentability.

III. The Cited References and the Subject Invention 

A. The Rallis Reference

U.S. Patent No. 6,216,230, issued April 10, 2001 to Rallis et al. discloses a notebook
security system (NBS) that prevents unauthorized use of a computer. A program resident on
the computer implements a user-validation procedure. A key device carries a first serial
number and an encryption key. A second serial number is stored in said computer, the
second serial number being the serial number of a device internal to the computer. A mass
storage device installed in said computer stores a validation record. The validation record
comprises an unencrypted portion and an encrypted portion, the unencrypted portion
including a copy of said first serial number and said encrypted portion including a copy of
said second serial number and a user personal identification number. The key device is
interfaced to the computer. The first serial number and the encryption key are read from said
key device in order to gain authorized use of said computer. The key device may be removed
from the computer after authorized use of the computer has been gained, and during
operation of the computer.

B. The Subject Invention 

The Applicants' invention is a method and apparatus for securing a token from 
unauthorized use. The method comprises the steps of receiving a first message transmitted 
from a host processing device and addressed to a PIN entry device according to a universal 
serial bus (USB) protocol; accepting a PIN entered into the PIN entry device; and
transmitting a second message comprising at least a portion of the first message and the PIN
from the PIN entry device to the token along a secure communication path. In another
embodiment the present invention describes an apparatus for securing a token from
unauthorised use, comprising a PIN entry device, communicably coupleable to a host
processing device transferring a first message addressed to the PIN entry device, and
communicatively coupleable to the token according to a universal serial bus USB protocol,
the PIN entry device comprising a user input device, for accepting a user-input PIN; and a
processor, communicatively coupled to the user input device, the processor for receiving the
first message and combining the first message with the user-input PIN, and for producing a
second message having at least a portion of the first message and the user-input PIN.

C. Differences Between the Subject Invention and the Cited References

The Rallis reference does not disclose a system for securing a token from
unauthorized use. Instead, Rallis teaches the use of a token to prevent unauthorized use of a
notebook computer. To achieve this aim, the Rallis reference discloses a system wherein the
PIN is entered by a conventional keyboard coupled to a host computer, not by a device
coupled between a token and the host computer, as described in the Applicants' invention.
Rallis also does not disclose intercepting PIN commands from the host computer; in fact,
no message having a PIN is ever sent to the key. The only message sent to the key is a
"super key" which is stored in the computer (BIOS), not something that the user entered.
With the foregoing in mind, the Examiner is invited to consider the following remarks. 

IV. Office Action Prior Art Rejections 

In paragraphs (1)-(2), the Office Action rejected claims 1-23 under 35 U.S.C. § 102(e)
as anticipated by Rallis et al., U.S. Patent No. 6,216,230 (Rallis). The Applicants respectfully
traverse these rejections.

With Respect to Claims 1 and 12: Claim 1 recites:

A method of securing a token from unauthorised use, comprising the steps of: 
receiving a first message transmitted from a host processing device and addressed to a PIN 
entry device according to a universal serial bus (USB) protocol; 

accepting a PIN entered into the PIN entry device; and 
transmitting a second message comprising at least a portion of the first message and the
PIN from the PIN entry device to the token along a secure communication path. 

According to the Office Action, Rallis discloses a method of securing a token from 
unauthorised use as follows: 

A program running on the notebook computer 10 uses the key device serial number and the
encryption key, along with a Personal Identification Number (PIN), in a user-validation procedure to
prevent operation (i.e. power-up) of the note book computer 10 by an unauthorized user. For
maximum security protection, the key device 20 is connected only during the user-validation
procedure and is carried and stored separately from the notebook computer 10. (col. 2, lines 52-56)

However, the Rallis reference is not directed to a system preventing unauthorised
use of a token, but rather, a system that uses a token to prevent unauthorized use of a
computer. On this basis alone, the rejection under 35 U.S.C. 102(e) is improper and should
be withdrawn.

The Office Action also indicates that the Rallis reference discloses the step of
"receiving a first message transmitted from a host processing device and addressed to a PIN entry device
according to a universal serial bus (USB) protocol" as follows:

A program that is automatically invoked at computer power-up, or reset, implements the user-validation
procedure. The user is prompted to connect the key device to the computer. In the
preferred embodiment the user is prompted to enter a PIN, although the system can be configured to
operate without manual PIN entry. (col. 1, lines 49-54)

The Applicants respectfully disagree. The foregoing teaches that the user connects
the key to the notebook computer and enters a PIN into the notebook computer.
Accordingly, there is no "PIN entry device" except perhaps the "notebook computer" which
cannot be connected to itself via a USB protocol.

The Office Action also indicates that the Rallis reference discloses the step of 
"transmitting a second message comprising at least a portion of the first message and the PIN from the PIN 
entry device to the token along a secure communication path" as follows: 

The procedure permits entry past a first security level only if the key device serial number matches the
unencrypted numbers in the validation record. If the first-level validation is successful, the procedure
then uses the encryption key to decrypt the hard drive serial number and PIN found in the stored
validation record. (col. 1, lines 54-59)

Of course, the foregoing does not disclose transmitting a second message comprising
a PIN from a PIN entry device to a token. Rallis teaches a system wherein the PIN is entered
into the notebook computer and used for further processing. It is not transmitted anywhere,
let alone from a PIN entry device to a token. Accordingly, the Applicants respectfully
traverse the rejection of claim 1.

Claim 12 recites:

a PIN entry device, communicably coupleable to a host processing device transmitting a first
message addressed to the PIN entry device, and communicatively coupleable to the token according to
a universal serial bus USB protocol, the PIN entry device comprising:

a user input device, for accepting a user-input PIN; and
a processor, communicatively coupled to the user input device, the processor for
receiving the first message and combining the first message with the user-input PIN, and for
producing a second message having at least a portion of the first message and the user-input PIN.

As discussed above, Rallis does not disclose a PIN entry device communicatively
coupled to a host processing device and to a token according to a USB protocol. Nor does
Rallis disclose a PIN entry device having a processor that receives the first message and
combines it with a user-entered PIN to produce a second message. Accordingly, the
rejection of claim 12 is traversed as well.

With Respect to Claim 2: Claim 2 recites that the first message is received in the PIN
entry device and the second message is transmitted from the PIN entry device directly to the
token along the secure communication path. According to the Office Action, these features
are disclosed as follows:

The user is prompted to connect the key device to the computer. In the preferred embodiment the
user is prompted to enter a PIN, although the system can be configured to operate without manual
PIN entry. (col. 1, lines 51-54)

and at

The procedure permits entry past the second security level only if the validation record is properly
decrypted, the installed hard disk serial number matches the decrypted number, and the manually-entered
PIN matches the decrypted PIN. A failure at any step in the user-validation procedure will
immediately power down the computer, thereby rendering it useless to a thief not possessing the
required key device. (col. 1, lines 60-67)

and

A program running on the notebook computer 10 uses the key device serial number and the
encryption key, along with a Personal Identification Number (PIN), in a user-validation procedure to
prevent operation (i.e. power-up) of the note book computer 10 by an unauthorized user. For
maximum security protection, the key device 20 is connected only during the user-validation
procedure and is carried and stored separately from the notebook computer 10. (col. 2, lines 52-56)

As described above with respect to claim 1, the Rallis reference does not teach
transmitting a PIN anywhere via a USB protocol. Accordingly, the rejection of claim 2 is
traversed as well.

With Respect to Claim 3: Claim 3 recites that the step of receiving the first message
from the host processing device and addressed to a PIN entry device comprises the steps of:

receiving the first message in a USB-compliant hub communicatively coupled to the host
processing device via a first communication path; and

transmitting the first message to the PIN entry device communicatively coupled to the
USB-compliant hub

and that the step of transmitting the second message comprising a portion of the first
message and the PIN and at least a portion of the first message from the PIN entry device to
the token along a secure communication path comprises the steps of:

transmitting a second message from the PIN entry device via the USB hub.

The Office Action indicates that the step of receiving the first message transmitted 
from a host processing device and addressed to a PIN entry device is disclosed as follows: 

The procedure permits entry past a first security level only if the key device serial number matches the
unencrypted number in the validation record. If the first-level validation is successful, the procedure
then uses the encryption key to decrypt the hard drive serial number and PIN found in the stored
validation record. (col. 1, lines 54-59)

Plainly, the foregoing does not disclose a USB-compliant hub at all, let alone the
other features of claim 1. The Office Action therefore argues that a hub is "inherently
disclosed" because Rallis discloses a USB port 14. However, a USB port is not a USB hub,
and inherency "may not be established by probabilities or possibilities. The mere fact that a
certain thing may result from a given set of circumstances is not sufficient." Continental Can
Co. v. Monsanto Co., 948 F.2d 1264, 1269 (Fed. Cir. 1991). Instead, to establish inherency, the
extrinsic evidence "must make clear that the missing descriptive matter is necessarily present
in the thing described in the reference, and that it would be so recognised by persons of
ordinary skill." Continental Can Co., 948 F.2d at 1268.

There is nothing about the Rallis reference that indicates that a USB hub is
"necessarily present". Indeed, the Rallis system has no need whatsoever for a USB hub.

The Office Action includes further reference to other portions of the Rallis
reference, but these portions do not disclose a USB hub, nor do they provide evidence
supporting an argument that a USB hub is necessarily present in the Rallis device.
Accordingly, the Applicants respectfully traverse the rejection of claim 3.

With Respect to Claim 4: Claim 4 recites that the step of transmitting the second
message from the PIN entry device via the USB-compliant hub comprises the steps of:

transmitting a third message comprising the PIN from the PIN entry device to the
USB-compliant hub;

processing the message in the USB-compliant hub to produce the second message; and
transmitting the second message from the USB-compliant hub.

According to the Office Action, the foregoing steps are disclosed as follows: 

A program that is automatically invoked at computer power-up, or reset, implements the user-validation
procedure. The user is prompted to connect the key device to the computer. In the
preferred embodiment, the user is prompted to enter a PIN, although the system can be configured to
operate without manual PIN entry. The procedure permits entry past a first security level only if the
key device serial number matches the unencrypted numbers in the validation record. If the first-level
validation is successful, the procedure then uses the encryption key to decrypt the hard drive serial
number and PIN found in the stored validation record. The procedure permits entry past the second
security level only if the validation record is properly decrypted, the installed hard disk serial number
matches the decrypted number, and the manually-entered PIN matches the decrypted PIN. A failure
at any step in the user-validation procedure will immediately power down the computer, thereby
rendering it useless to a thief not possessing the required key device. (col. 1, lines 49-67)

The Applicants respectfully disagree. Nothing in the foregoing text discloses
transmitting a third message comprising the PIN from the PIN entry device to a
USB-compliant hub, processing the message in the hub to produce a second message, or
transmitting the second message from the USB-compliant hub. Rallis fails to disclose a hub
and teaches that the PIN is accepted in the notebook computer and is not transmitted
anywhere else. Accordingly, the Applicants respectfully traverse the rejection of claim 4 as
well.

With Respect to Claim 5: Claim 5 recites that the signal received from the host
processing device is generated in an API interface. The Office Action argues that this is
inherently disclosed in Rallis, because Rallis discloses messages that are both sent to and
received by the token and the notebook.

Inherency "may not be established by probabilities or possibilities. The mere fact
that a certain thing may result from a given set of circumstances is not sufficient." Continental
Can Co. v. Monsanto Co., 948 F.2d 1264, 1269 (Fed. Cir. 1991). Instead, to establish inherency,
the extrinsic evidence "must make clear that the missing descriptive matter is necessarily
present in the thing described in the reference, and that it would be so recognised by
persons of ordinary skill." Continental Can Co., 948 F.2d at 1268. The Applicants traverse this
rejection, because messages can be sent from different devices without resort to an API
interface, and hence, the "inherency doctrine" is not applicable here.

With Respect to Claims 6, 8, 9, 13, and 15: Claim 6 recites that the first
message is encrypted according to a first encryption key, and that the entry device comprises
a decryption module having access to the first encryption key for decoding the first message.
The Office Action indicates that this is disclosed as follows:

Briefly, a security system constructed in accordance with the invention implements a user-validation
procedure that requires the user to connect the proper hardware "key" device to a computer at power-up
to enable operation. The system can support multiple users and a single supervisor. Each
authorised user is provided with a unique key device which is carried and stored separately from the
computer. The key device holds a unique serial number and an encryption key. A validation record
stored on the computer's hard disk contains an unencrypted key device serial number, an encrypted
hard disk serial number, and a Personal Identification Number (PIN) unique to the user.

A program that is automatically invoked at computer power-up, or reset, implements the user-validation
procedure. The user is prompted to connect the key device to the computer. In the
preferred embodiment, the user is prompted to enter a PIN, although the system can be configured to
operate without manual PIN entry. The procedure permits entry past a first security level only if the
key device serial number matches the unencrypted numbers in the validation record. If the first-level
validation is successful, the procedure then uses the encryption key to decrypt the hard drive serial
number and PIN found in the stored validation record. The procedure permits entry past the second
security level only if the validation record is properly decrypted, the installed hard disk serial number
matches the decrypted number, and the manually-entered PIN matches the decrypted PIN. A failure
at any step in the user-validation procedure will immediately power down the computer, thereby
rendering it useless to a thief not possessing the required key device. (col. 1, lines 37-67)

However, the foregoing does not teach a PIN entry device having a decryption module for
decoding the first message. The Rallis reference teaches that the PIN is entered directly into
the notebook computer. Since Rallis teaches that the PIN is not transmitted from the host
computer anywhere else, it is not subject to compromise, and hence, there is no reason
whatever to encrypt the PIN and decrypt it with a decryption module. Claim 13 is allowable
for the same reasons. Claims 8 and 15 likewise recite decryption modules that are not
needed or employed in Rallis. Accordingly, the Applicants respectfully traverse the rejection
of claims 6, 8, 9, 13, and 15.

With Respect to Claims 10 and 11: Claim 10 recites that the first message is a
message transmitted from the host processing device to authorize a transaction, and claim 11
recites that the first message is a message transmitted from the host processing device to
authenticate a user of the token. According to the Office Action, these features are
disclosed as follows:

A program that is automatically invoked at computer power-up, or reset, implements the user-validation
procedure. (col. 1, lines 49-51)

and

FIG. 2 is a block diagram of the major components within the Central Processing Unit (CPU) 50
address space for a conventional IBM PC-compatible computer. At power-up, the CPU 50 accesses
the Basic Input/Output System (BIOS) Read-Only Memory (ROM) 30 and executes a "boot-up"
procedure. Prior to the termination of the boot-up procedure, the CPU downloads the operating
system (OS) program via a memory-mapped interface 40 from a mass storage device, such as a hard
drive 42 or possibly a diskette 44, and reads it into main Random-Access Memory (RAM) memory 60.
In the preferred embodiment of the invention, the boot-up user-validation program resides in a ROM
adapter 34 of the BIOS 30 and is executed at boot-up and prior to the download of the operating
system. (col. 2, line 61 through col. 3, line 7)

None of the foregoing refers to a "transaction", and Rallis does not authenticate the
user of a token. Rallis is directed to using a token to unlock a notebook computer. The
Applicants therefore traverse these rejections as well.

With Respect to Claim 18: Claim 18 recites:

A method for securing a token from unauthorised use, comprising:
intercepting a first message from the host processing device addressed to the token in a hub;
providing the intercepted message to a PIN entry device communicatively coupled to the hub;
accepting a second message from the PIN entry device comprising a user-entered PIN;
generating a third message from the second message, the third message comprising the
user-entered PIN and at least a portion of the first message; and

transmitting the third message from the USB-compliant hub to the token.

According to the Office Action, the limitations of claim 18 were already discussed in
the rejections of claims 1 and 3-4, but this is not the case. Nothing in Rallis discloses
intercepting a message from a host processing device addressed to the token in a hub. Rallis,
in fact, fails to disclose intercepting any message, fails to disclose sending a message from a
host processing device to a token, and fails to disclose a hub at all. The Office Action does
not indicate which messages are the "second" and "third" messages described in the claim,
and the Applicants can ascertain no such disclosure. Accordingly, the Applicants traverse
the rejection of claim 18.

With Respect to Claim 20: Claim 20 recites:

a USB-compliant hub, communicably coupleable between a host processing device and the
token, the USB compliant hub having

means for intercepting a message addressed to the PIN entry device;

means for generating a third message from the first message and a user-entered PIN; and

means for transmitting the third message to the token;
a PIN entry device, communicatively coupled to USB-compliant hub, for accepting a
user-entered PIN and providing the user-entered PIN to the USB-compliant hub.

The Office Action asserts that Rallis inherently discloses a USB-compliant hub,
because it discloses a USB-compliant port. However, a USB hub is not analogous to a USB
port, and nothing in the Rallis reference indicates that a USB hub is necessarily present.
Rallis likewise fails to disclose a PIN entry device. For these reasons and the others
described above, claim 20 is allowable over the Rallis reference.

With Respect to Claim 21: As discussed above, Rallis does not disclose a means for
intercepting a message to a PIN entry device or for generating the messages recited in claim 
21. Accordingly, the rejection of claim 21 is traversed as well. 

With Respect to Claim 22 and 23: As discussed above with respect to claims 6, 8, 9,
13, and 15, Rallis does not disclose, nor does it have a need for, encryption modules in a
PIN entry device. Accordingly, claims 22 and 23 are allowable as well.

V. Dependent Claims 

Dependent claims 2-11, 13-17, 19, and 21-23 incorporate the limitations of their 
related independent claims, and are therefore patentable on this basis. In addition, these 
claims recite novel elements even more remote from the cited references. Accordingly, the 
Applicants respectfully request that these claims be allowed as well. 

VI. Conclusion

In view of the above, it is submitted that this application is now in good order for
allowance and such allowance is respectfully solicited. Should the Examiner believe minor
matters still remain that can be resolved in a telephone interview, the Examiner is urged to
call Applicants' undersigned attorney.

Respectfully submitted, 

GATES & COOPER LLP 
Attorneys for Applicant(s)

Howard Hughes Center 
6701 Center Drive West, Suite 1050 
Los Angeles, California 90045 
(310) 641-8797 



Date: January 7, 2004
VGC/mrj

Name: Victor G. Cooper 
Reg. No.: 39,641 